Monday, February 24, 2025
HomeApplePoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498)

PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498)

Published on

SIEM as a Service

Follow Us on Google News

A proof-of-concept (PoC) exploit has been publicly disclosed for a critical vulnerability impacting macOS systems, identified as CVE-2024-54498.

This vulnerability poses a significant security risk by allowing malicious applications to bypass the macOS Sandbox, a key security feature designed to isolate app activity and protect sensitive system resources.

Details of CVE-2024-54498

The vulnerability, classified as high severity with a CVSS score of 8.8, revolves around a path-handling issue within macOS systems.

As per a report by Cyber Security News, Apple has since addressed this flaw through updates but not before a proof-of-concept attack was published online, raising concerns about potential exploitation.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Notably, the exploit abuses the sharedfilelistd process for this purpose. Once successful, the attacker can retrieve and display the sandbox token, thereby gaining unauthorized access to critical system components.

Apple’s Response and Affected Versions

Apple has acted swiftly to address the vulnerability by releasing patches for the following macOS versions:

  • macOS Sequoia 15.2
  • macOS Ventura 13.7.2
  • macOS Sonoma 14.7.2

These updates feature enhanced validation processes to mitigate the risk of exploitation. Users running outdated versions of macOS remain exposed and are strongly urged to update their systems immediately.

The PoC showcases how attackers can bypass sandbox restrictions, potentially leading to data theft, installation of malicious software, and broader system compromise.

While the availability of a PoC can be valuable for cybersecurity professionals in analyzing and defending against threats, it also raises the stakes, as malicious actors may use such information to craft their own attacks.

This has reignited debates within the cybersecurity community about the ethics of public PoC disclosures.

To safeguard your macOS device, follow these steps:

  1. Open System Settings on your Mac.
  2. Navigate to Software Update.
  3. Download and install the latest security updates for your macOS version.

Proactive measures are crucial, particularly for high-severity vulnerabilities like CVE-2024-54498. Delaying updates increases the risk of system compromise and data breaches.

As cybersecurity threats continue to evolve, staying vigilant and promptly applying security updates is critical.

While Apple’s quick response is reassuring, the public release of the PoC highlights the importance of remaining proactive in securing macOS devices against known vulnerabilities.

Find this News Interesting! Follow us on Google NewsLinkedIn, and X to Get Instant Updates!

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

GitVenom Campaign Abuses Thousands of GitHub Repositories to Infect Users

The GitVenom campaign, a sophisticated cyber threat, has been exploiting GitHub repositories to spread...

UAC-0212: Hackers Unleash Devastating Cyber Assault on Critical Infrastructure

In a recent escalation of cyber threats, hackers have launched a targeted campaign, identified...

Widespread Chrome Malware: 16 Extensions Infect Over 3.2 Million Users

A recent cybersecurity investigation has uncovered a cluster of 16 malicious Chrome extensions that...

Sliver C2 Server Vulnerability Enables TCP Hijacking for Traffic Interception

A significant vulnerability has been discovered in the Sliver C2 server, a popular open-source...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

GitVenom Campaign Abuses Thousands of GitHub Repositories to Infect Users

The GitVenom campaign, a sophisticated cyber threat, has been exploiting GitHub repositories to spread...

UAC-0212: Hackers Unleash Devastating Cyber Assault on Critical Infrastructure

In a recent escalation of cyber threats, hackers have launched a targeted campaign, identified...

Widespread Chrome Malware: 16 Extensions Infect Over 3.2 Million Users

A recent cybersecurity investigation has uncovered a cluster of 16 malicious Chrome extensions that...